Failing DNS calls aren't showing up in the Flows
I've had several cases recently that DNS calls are failing. It's happened on multiple clients and for different cases. Couple examples, coralogix.com returns a host not found, if I query or visit off my netowrk it works without issue. Trying to create Let's Encrypt certs using DNS auth fails. My service will create the required TXT record but is unable to query that record. If I put these clients in "Emergency Access" mode, everything works without any issue. To make this more challenging to troubleshoot is these calls aren't showing up in Flows so I can't see any reason why they are being blocked. Any help in troubleshooting this issue would be appreciated.
-
DNS queries are NOT real flows, and they probably can be blocked anywhere. coralogix.com is associated with logging, so it is likely it is an ad or tracker. if you tap on the network flows, and tap on top right "view blocked", see if you can see it. (Sometimes you can)
Edit: my coworker told me you can tap on rules, tap on the top right (...) and tap on Diagnostics, you should be able to enter the domain and it should tell you why it is blocked.
Can you turn off ad blocker and see if it will fix the issue? You can also add an "allow rule to coralogix.com" to the box having issues, it should also fix the issue.
-
Thanks, I did look at the blocked flows and these calls didn’t show up there. Coralogix.com is just an example. (I was trying to review them as a vendor and couldn’t visit their site). I’m seeing the same behavior on lots of DNS requests, as mentioned even trying to issue ssl certs on domains I own and have only ever been used for my own private use. I could add allow rules if I knew what was being blocked, for the cert issuance, I don’t know if it’s trying to query the domain I own, the cloudflare api where my domain is hosted, etc (hence why I’m trying to find the blocked calls). I’ll try the diagnostics idea and see what it can provide.
Please sign in to leave a comment.
Comments
3 comments